REMARKS 



Claims 1-3 and 19 are pending in this application. By this Response, claim 1 is 
amended and claims 12-17 and 21-22 are canceled. Claim 1 is amended to more clearly 
recite that the personally identifiable information requested by the second data user is the 
same personally identifiable information provided to the first data user by the data 
subject. In particular, claim 1 is amended to recite a "third active entity represented by a 
third object class in said first set of object classes is a second data user that requests said 
personally identifiable information from said first data user" (emphasis added). Support 
for these amendments may be found at least in Figure 3 of the present specification. No 
new matter has been added by the amendment to claim 1 . 

Entry of the above amendment is proper after Final Office Action because the 
amendment is merely directed to clarifying the text already present in the claim by adding 
the word "said" before personally identifiable information which was unintentionally 
omitted by way of a typographical error. Furthermore, this amendment is consistent with 
the arguments that have been provided to date by Applicants' representative regarding the 
art cited against the application. For example, in Applicants' previously filed Response, 
Applicants specifically argued: 

It should be noted that claim 1 of the present application recites 
three specific active entities: (1) a first data user that requests personally 
identifiable information from (2) a data subject, and (3) a second data user 
that requests the personally identifiable information for the data subject (2) 
from the first data user (1). The rules define if and how the personally 
identifiable information (about the data subject (2)) may be provided, by 
the first data user (1), to the second data user (3). Thus, the rules in the 
present invention define if and how one party may send information to a 
second party, the information being descriptive of a third party. Benantar 
does not provide any such features. 

Thus, it is clear from Applicants' arguments, and thus prosecution history estoppel, that 
the personally identifiable information in the phrase "a second data user that requests 
personally identifiable information from said first data user" is the same personally 
identifiable information provided by the data subject to the first data user. Therefore, the 
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above amendment does not raise any new issues requiring further search or consideration, 
serves only to clarify the features already present in the claims, and places the application 
in condition for allowance over the art cited by the Examiner for the reasons set forth in 
the previously filed Response, the arguments of which are incorporated hereafter. 
Accordingly, Applicants respectfully request entry of the above amendment and 
reconsideration of the claims in view of the following remarks. 

I. Telephone Interview 

Applicants thank Supervisory Examiner Barron for the courtesies extended to 
Applicants' representative during the February 21, 2008 telephone interview. During the 
telephone interview, the distinctions of the present claims over the cited art was 
discussed. Examiner Barron indicated that the clause "a third active entity represented by 
a third object class in said first set of object classes is a second data user that requests 
personally identifiable information from said first data user" did not specify that the 
personally identifiable information is the same personally identifiable information 
referenced earlier in the claim. Applicants' representative disagreed and pointed out that 
it is clear that this personally identifiable information is the same personally identifiable 
information as supplied by the data subject to the first data user especially when 
considering the following clause which states "said rules define if and how said 
personally identifiable information may be provided, by said first data user, to said 
second data user" (emphasis added). Applicants' representative urged that the omission 
of the word "said" before personally identifiable information was a typographical error 
and was not intended as a way of broadening the scope of the claim to refer to some other 
personally identifiable information as is clearly evident from Applicants' arguments. 
Examiner Barron indicated that the claim should be amended to recite "said" personally 
identifiable information. 

Thus, Applicants, by this Response, have amended the claim accordingly. Since 
this amendment merely clarifies the claim and does not substantively affect the scope of 
the claims, the arguments presented in Applicants' previously filed Response still apply 
and are repeated hereafter where appropriate. With entry of this amendment, Applicants 
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respectfully submit that the claims now stand in condition for allowance over the art cited 
in the Final Office Action for at least these reasons and those set forth below. 

II. Claim Objections 

The Final Office Action objects to claims 15, 16, and 22 under 37 CFR 
1.75(d)(1), alleging that the term "computer recordable" is not defined in the 
specification. Claims 15, 16, and 22 are canceled by this Response and thus, this 
objection is rendered moot. Accordingly, Applicants respectfully request withdrawal of 
the objection to claims 15, 16, and 22. 

III. Rejection under 35 U.S.C. §102 Based on Benantar 

The Final Office Action rejects claims 1, 2, 12, 13, 15 and 16 under 35 U.S.C. § 
102(b) as allegedly being anticipated by Benantar (U.S. Patent No.5,787,427). This 
rejection is moot with regard to canceled claims 12, 13, 15, and 16 and is respectfully 
traversed with regard to claims 1-2. 

Claim 1 of the present application reads as follows: 

1 . A method, in a data processing system, for handling personally 
identifiable information, said method comprising: 

providing, in a computer, a first set of object classes representing 
active entities in an information-handling process, wherein a limited 
number of privacy-related actions represent operations performed on data 
and wherein each of the active entities is a human being or legal entity; 

providing, in said computer, a second set of object classes 
representing data and rules in said information-handling process, wherein 
at least one object class has said rules associated with said data, and 
wherein said data represents said personally identifiable information; and 

processing transactions, in the data processing system, involving 
said personally identifiable information, using said computer and said first 
and second set of object classes, so as to enforce a privacy policy, 
associated with the personally identifiable information and defined by said 
rules, against one or more active entities represented by said first set of 
object classes, wherein each of the one or more active entities represented 
by said first set of object classes is a human being or legal entity, wherein: 
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a first active entity represented by a first object class in said first 
set of object classes is a first data user that requests said personally 
identifiable information from a data subject that is a second active entity 
represented by a second object class in said first set of object classes, 

said data subject is an active entity that is personally identifiable 
by said personally identifiable information; 

a third active entity represented by a third object class in said first 
set of object classes is a second data user that requests said personally 
identifiable information from said first data user, and 

said rules define if and how said personally identifiable 
information may be provided, by said first data user, to said second data 
user . 

(emphasis added) 

A prior art reference anticipates the claimed invention under 35 U.S.C. § 102 only 
if every element of a claimed invention is identically shown in that single reference, 
arranged as they are in the claims. In re Bond, 910 F.2d 831, 832, 15 U.S.P.Q.2d 1566, 
1567 (Fed. Cir. 1990). All limitations of the claimed invention must be considered when 
determining patentability. In reLowry, 32 F.3d 1579, 1582, 32 U.S.P.Q.2d 1031, 1034 
(Fed. Cir. 1994). Anticipation focuses on whether a claim reads on the product or process a 
prior art reference discloses, not on what the reference broadly teaches. Kalman v. 
Kimberly-Clark Corp., 713 F.2d 760, 218 U.S.P.Q. 781 (Fed. Cir. 1983). Applicants 
respectfully submit that Benantar does not identically show every element of the claimed 
invention arranged as they are in the claims. Specifically, Benantar does not teach the 
features of claim 1 emphasized above, or the similar features found in the other rejected 
independent claims. 

It should be noted that claim 1 of the present application recites three specific active 
entities: (1) a first data user that requests personally identifiable information from (2) a 
data subject, and (3) a second data user that requests the personally identifiable 
information for the data subject (2) from the first data user (1). The rules define if and 
how the personally identifiable information (about the data subject (2)) may be provided, 
by the first data user (1), to the second data user (3). Thus, the rules in the present 
invention define if and how one party may send information to a second party, the 
information being descriptive of a third party. Benantar does not provide any such 
features. 
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Benantar describes an information handling system in which objects are grouped 
so that they can share common control access policies. Benantar is concerned with the 
large storage requirements of Access Control Lists (ACLs) and alleviates the problems of 
having to have a lot of storage or memory consumed by ACLs by grouping objects that 
can use the same access policies on a particular object or set of objects. However the 
control access policies merely specify the types of actions, or methods, that the particular 
objects can themselves perform on the object in question, e.g., read, write, execute, use, 
administer, or control (see column 6, lines 54-67). 

In particular Benantar has improved upon the traditional access matrix in which 
authorization policies are specified by identifying subjects in rows of the matrix and 
rights in the columns of the matrix with the corresponding authorization policies being 
specified in the intersection of the row and column (see column 3, line 22 to column 4, 
line 47). The improvement offered by Benantar is to group subjects and then use the 
groups, rather than the individual subjects, in the access matrix (see Tables 4 and 5 of 
Benantar). However, in all cases, the resulting authorization policy in the access matrix 
of Benantar is the same as in the traditional access matrix, i.e. the authorization policy 
specifies what access the subject has to the object in question. 

To the contrary, the rules in claim 1 are not limited to what access the first data 
user has to the data subject or what access the second data user has to the data subject. 
Rather, the rules specify if and how the data subject may be provided by the first data 
user to the second data user . The access mechanisms of Benantar do not cover such 
functionality. Rather, with Benantar, the access matrix merely specifies what operations 
the first data user may perform on the data subject, and separately specifies what 
operations the second data user may perform on the data subject. The access matrix in 
Benantar does not specify if and how the first data user may send the data subject to the 
second data user in response to the second data user requesting the data subject from the 
first data user. 

In other words, Benantar provides mechanisms for controlling access by the data 
users to the data subject in the manner depicted in Figure A below: 
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FIGURE A 

As can be seen from Figure A, the ACLs or access matrix of Benantar only addresses 
each individual data user, or "subject" in Benantar, access to the data subject. To the 
contrary, the rules recited in claim 1 of the present application provide a mechanism for 
controlling access by the data users to the data subject in the manner depicted in Figure B 
below: 
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FIGURE B 



As can be seen from Figure B, the rules of the invention recited in claim 1 control the 
transfer of the data subject from the first data user to the second data user. Benantar is 
not even concerned with such transfers of information, let alone provides any mechanism 
for controlling such transfers of information. 

Thus, in view of the above, Applicants respectfully submit that Benantar does not 
teach each and every feature of independent claim 1 as is required under 35 U.S.C. § 
102(b). At least by virtue of its dependency on claim 1, Benantar does not teach each and 
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every feature of dependent claim 2. Accordingly, Applicants respectfully request 
withdrawal of the rejection of claims 1-2 under 35 U.S. C. § 102(b). 

IV. Rejection under 35 U.S.C. §103(a) Based on Benantar and Tolopka 

The Final Office Action rejects claims 3, 14, and 17 under 35 U.S.C. § 103(a) as 
being allegedly unpatentable over Benantar in view of Tolopka (U.S. Patent No. 
6,044,349). This rejection is moot with regard to canceled claims 14 and 17 and is 
respectfully traversed, for at least the same reasons as set forth above with regard to the 
35 U.S.C. § 102(b) rejection based on Benantar, with regard to claim 3. That is, Benantar 
does not teach or even suggest the features discussed above. Moreover, Tolopka does not 
provide any teaching or suggestion to alleviate the deficiencies of Benantar noted above. 

Tolopka is directed to a portable storage medium to store data and provide access 
to information from an information dissemination system (IDS). The storage medium 
can store one or more location/key pairs. Each of the location/key pairs designates a 
particular IDS location as well as an access key to the particular IDS location. The 
storage medium can also store a plurality of information units. The information units are 
categorized into levels of information categories with at least one information category 
per level and at least one information unit per information category. Levels of 
information categories can be individually accessed and categories of information units 
within levels can be selectively downloaded. 

Thus, Tolopka is only concerned with what access a particular information 
seeking system has to an IDS, and controls this access based on a key providing on a 
smart card. The key and smart card in Tolopka operate in a similar manner as the ACLs 
of Benantar in that they only control access by that particular subject, or information 
seeking system, to a particular object. They do not have anything to do with controlling 
how the information seeking system may then send that information to another 
information seeking system. 

Tolopka is cited by the Final Office Action as allegedly teaching objects that may 
represent paper-filled forms. Even if Tolopka were to teach or suggest such features, 
Tolopka does not provide any teaching or suggestion regarding rules that define if and 
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how the personally identifiable information (about a data subject) may be provided, by a 
first data user, to a second data user, as recited in independent claim 1, from which claim 
3 depends. Thus, any alleged combination of Tolopka and Benantar, even if such a 
combination were possible and one were somehow motivated to make such a 
combination of teachings, would not result in the features of independent claim 1, or its 
dependent claim 3, being taught or suggested. 

In view of the above, Applicants respectfully submit that the alleged combination 
of Benantar and Tolopka does not teach or suggest the features of claim 3. Accordingly, 
Applicants respectfully request withdrawal of the rejection of claim 3 under 35 U.S.C. § 
103(a). 

V, Rejection under 35 U.S.C. §1 03(a) Based on Benantar and Gifford 

The Final Office Action rejects claims 19, 21, and 22 under 35 U.S.C. § 103(a) as 
being allegedly unpatentable over Benantar in view of Gifford (U.S. Patent No. 
5,614,927). This rejection is moot with regard to canceled claims 21-22 and is 
respectfully traversed, for at least the same reasons as set forth above with regard to the 
35 U.S.C. § 102(b) rejection based on Benantar, with regard to claim 19. That is, 
Benantar does not teach or even suggest the features discussed above. Moreover, Gifford 
does not provide any teaching or suggestion to alleviate the deficiencies of Benantar 
noted above. 

Gifford is directed to a system and method for protecting a database against 
deduction of confidential attribute values therein. A memory is provided for storing the 
database and a processor is provided for processing the database. Using the processor, 
the database is electronically partitioned into public attributes, containing nonconfidential 
attribute values, and private attributes, containing private attribute values. The processor 
is then used to electronically process the private attribute values to reduce any high 
correlation between public attribute values and private attribute values. 

Gifford is cited by the Final Office Action as allegedly teaching depersonalization 
of objects. Even if Gifford were to teach or suggest such features, Gifford does not 
provide any teaching or suggestion regarding a mechanism, or even rules, for governing 
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if and how a first data user may send a data subject to a second data user. Thus, any 
alleged combination of Gifford and Benantar, even if such a combination were possible 
and one were somehow motivated to make such a combination of teachings, would not 
result in the features of independent claim 1, or its dependent claim 19, being taught or 
suggested. 

In view of the above, Applicants respectfully submit that the alleged combination 
of Benantar and Gifford does not teach or suggest the features of claim 19. Accordingly, 
Applicants respectfully request withdrawal of the rejection of claim 19 under 35 U.S.C. § 
103(a). 

VI. Conclusion 

It is respectfully urged that the subject application is now in condition for 
allowance. The Examiner is invited to call the undersigned at the below-listed telephone 
number if in the opinion of the Examiner such a telephone conference would expedite or 
aid the prosecution and examination of this application. 



Respectfully submitted, 



DATE: April 1,2008 




Stephen J. Walder, Jr. / 
Reg. No. 41,534 

Walder Intellectual Property Law, P.C. 

P.O. Box 832745 
Richardson, TX 75083 
(214) 722-6419 
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